<?php
    session_start();
    require_once('userlevel.php'); //Require/include the permissions file
    require_once('template.php'); //Require/include the template file
    require_once('functions.php'); //Require/include the functions file
    require_once('db.php'); //Require/include the file with the database connection information
     
    if (!$_SESSION['user_loggedin']) {
        die ("Not logged in... <script>document.location.href='login.php'</script>");
    } elseif (!($_SESSION['userlevel'] >= $userlevel['setuser'])) {
        die (errorpage ("Your user level is not high enough to use this feature!", 'Set revision summary'));
    } else {
        //Connect to DB and connect to the database using db.php
        $db = new my_db;
        $id = strip_tags(mysql_escape_string($_GET['id']));
        $fileid = strip_tags(mysql_escape_string($_GET['fileid']));
         
        template_headtag("Set revision summary for revision #$id");
        template_header();
        template_left();
        if (!empty($id)) {
            echo "<div class='pageheadertext'>Set revision summary for revision #$id</div>";
            if (isset($_POST['summary'])) {
                $summary = mysql_escape_string($_POST['summary']);
                 
                $db->query("UPDATE history SET revsummary='$summary' WHERE id='$id'");
                echo "<div align='center'>Revision summary updated<br/><a href='history.php?id=$fileid'>Back</a></div>";
                 
            } else {
                $db->query("SELECT * FROM history WHERE id='$id'");
                $db->next_record();
                $oldsummary = strip_tags($db->f('revsummary'));
                echo "
                    <form method='post' action='editsummary.php?id=$id&amp;fileid=$fileid'>
                    <br/>
                    <p>Revision summary: </p>
                    <textarea name='summary' rows=7 cols=50 />$oldsummary</textarea><br /><br />
                    <input type='submit' value='Update'/>
                    </form>
                    ";
            }
        } else {
            errorbox('Invaild ID!');
        }
        template_footer();
    }
?>
